{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,9]],"date-time":"2026-01-09T14:43:50Z","timestamp":1767969830626,"version":"3.49.0"},"reference-count":39,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2021,1,2]],"date-time":"2021-01-02T00:00:00Z","timestamp":1609545600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,2]],"date-time":"2021-01-02T00:00:00Z","timestamp":1609545600000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Des. Codes Cryptogr."],"published-print":{"date-parts":[[2021,3]]},"DOI":"10.1007\/s10623-020-00820-0","type":"journal-article","created":{"date-parts":[[2021,1,2]],"date-time":"2021-01-02T18:02:26Z","timestamp":1609610546000},"page":"407-440","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Beyond-birthday security for permutation-based Feistel networks"],"prefix":"10.1007","volume":"89","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-8520-6301","authenticated-orcid":false,"given":"Chun","family":"Guo","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Guoyan","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2021,1,2]]},"reference":[{"key":"820_CR1","doi-asserted-by":"crossref","unstructured":"Bellare M., Rogaway P.: The security of triple encryption and a framework for code-based game-playing proofs. In: Vaudenay S. (ed.) Advances in Cryptology\u2014EUROCRYPT 2006. Lecture Notes in Computer Science, vol. 4004, pp. 409\u2013426. Springer, Heidelberg (May\/Jun 2006).","DOI":"10.1007\/11761679_25"},{"key":"820_CR2","doi-asserted-by":"crossref","unstructured":"Bhattacharya S., Nandi M.: Full indifferentiable security of the xor of two or more random permutations using the $$\\chi ^2$$ method. In: Nielsen J.B., Rijmen V. (eds.) Advances in Cryptology \u2013 EUROCRYPT 2018, Part\u00a0I. Lecture Notes in Computer Science, vol. 10820, pp. 387\u2013412. Springer, Heidelberg (April\/May 2018).","DOI":"10.1007\/978-3-319-78381-9_15"},{"issue":"1","key":"820_CR3","doi-asserted-by":"publisher","first-page":"314","DOI":"10.46586\/tosc.v2018.i1.314-335","volume":"2018","author":"S Bhattacharya","year":"2018","unstructured":"Bhattacharya S., Nandi M.: Revisiting variable output length xor pseudorandom function. IACR Trans. Symmetric Cryptol. 2018(1), 314\u2013335 (2018).","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"820_CR4","doi-asserted-by":"crossref","unstructured":"Chen S., Steinberger J.P.: Tight security bounds for key-alternating ciphers. In: Nguyen P.Q., Oswald E. (eds.) Advances in Cryptology \u2013 EUROCRYPT 2014. Lecture Notes in Computer Science, vol. 8441, pp. 327\u2013350. Springer, Heidelberg (May 2014).","DOI":"10.1007\/978-3-642-55220-5_19"},{"issue":"4","key":"820_CR5","doi-asserted-by":"publisher","first-page":"1064","DOI":"10.1007\/s00145-018-9295-y","volume":"31","author":"S Chen","year":"2018","unstructured":"Chen S., Lampe R., Lee J., Seurin Y., Steinberger J.P.: Minimizing the two-round Even-Mansour cipher. J. Cryptol. 31(4), 1064\u20131119 (2018).","journal-title":"J. Cryptol."},{"key":"820_CR6","doi-asserted-by":"crossref","unstructured":"Cogliati B., Dodis Y., Katz J., Lee J., Steinberger J.P., Thiruvengadam A., Zhang Z.: Provable security of (tweakable) block ciphers based on substitution-permutation networks. In: Shacham H., Boldyreva A. (eds.) Advances in Cryptology \u2013 CRYPTO 2018, Part I. Lecture Notes in Computer Science, vol. 10991, pp. 722\u2013753. Springer, Heidelberg (Aug 2018).","DOI":"10.1007\/978-3-319-96884-1_24"},{"key":"820_CR7","doi-asserted-by":"crossref","unstructured":"Coron J.S., Dodis Y., Mandal A., Seurin Y.: A domain extender for the ideal cipher. In: Micciancio D. (ed.) TCC\u00a02010: 7th Theory of Cryptography Conference. Lecture Notes in Computer Science, vol. 5978, pp. 273\u2013289. Springer, Heidelberg (Feb 2010).","DOI":"10.1007\/978-3-642-11799-2_17"},{"issue":"1","key":"820_CR8","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1007\/s00145-014-9189-6","volume":"29","author":"J Coron","year":"2016","unstructured":"Coron J., Holenstein T., K\u00fcnzler R., Patarin J., Seurin Y., Tessaro S.: How to build an ideal cipher: the indifferentiability of the feistel construction. J. Cryptol. 29(1), 61\u2013114 (2016).","journal-title":"J. Cryptol."},{"key":"820_CR9","doi-asserted-by":"crossref","unstructured":"Dai W., Hoang V.T., Tessaro S.: Information-theoretic indistinguishability via the chi-squared method. In: Katz J., Shacham H. (eds.) Advances in Cryptology\u2014CRYPTO 2017, Part III. Lecture Notes in Computer Science, vol. 10403, pp. 497\u2013523. Springer, Heidelberg (Aug 2017).","DOI":"10.1007\/978-3-319-63697-9_17"},{"key":"820_CR10","doi-asserted-by":"crossref","unstructured":"Datta N., Dutta A., Nandi M., Yasuda K.: Encrypt or decrypt? To make a single-key beyond birthday secure nonce-based MAC. In: Shacham H., Boldyreva, A. (eds.) Advances in Cryptology \u2013 CRYPTO 2018, Part I. Lecture Notes in Computer Science, vol. 10991, pp. 631\u2013661. Springer, Heidelberg (Aug 2018).","DOI":"10.1007\/978-3-319-96884-1_21"},{"issue":"11","key":"820_CR11","doi-asserted-by":"publisher","first-page":"1545","DOI":"10.1109\/PROC.1975.10005","volume":"63","author":"H Feistel","year":"1975","unstructured":"Feistel H., Notz W.A., Smith J.L.: Some cryptographic techniques for machine-to-machine data communications. Proc. IEEE 63(11), 1545\u20131554 (1975).","journal-title":"Proc. IEEE"},{"issue":"1","key":"820_CR12","doi-asserted-by":"publisher","first-page":"2","DOI":"10.3390\/cryptography1010002","volume":"1","author":"S Gilboa","year":"2017","unstructured":"Gilboa S., Gueron S., Nandi M.: Balanced permutations Even-Mansour Ciphers. Cryptography 1(1), 2 (2017).","journal-title":"Cryptography"},{"key":"820_CR13","unstructured":"Government Committee of the USSR for Standards.: GOST, Gosudarstvennyi Standard 28147-89, Cryptographic Protection for Data Processing Systems (1989)."},{"key":"820_CR14","doi-asserted-by":"crossref","unstructured":"Guo J., Jean J., Nikolic I., Sasaki Y.: Meet-in-the-middle attacks on generic Feistel constructions. In: Sarkar P., Iwata T. (eds.) Advances in Cryptology\u2014ASIACRYPT 2014, Part I. Lecture Notes in Computer Science, vol. 8873, pp. 458\u2013477. Springer, Heidelberg (Dec 2014).","DOI":"10.1007\/978-3-662-45611-8_24"},{"key":"820_CR15","doi-asserted-by":"crossref","unstructured":"Guo C., Lin D.: On the indifferentiability of key-alternating Feistel ciphers with no key derivation. In: Dodis Y., Nielsen J.B. (eds.) TCC 2015: 12th Theory of Cryptography Conference, Part I. Lecture Notes in Computer Science, vol. 9014, pp. 110\u2013133. Springer, Heidelberg (Mar 2015).","DOI":"10.1007\/978-3-662-46494-6_6"},{"key":"820_CR16","doi-asserted-by":"crossref","unstructured":"Guo C., Wang L.: Revisiting key-alternating Feistel ciphers for shorter keys and multi-user security. In: Peyrin T., Galbraith S. (eds.) Advances in Cryptology\u2014ASIACRYPT\u00a02018, Part I. pp. 213\u2013243. Lecture Notes in Computer Science, Springer, Heidelberg (Dec 2018).","DOI":"10.1007\/978-3-030-03326-2_8"},{"issue":"4","key":"820_CR17","doi-asserted-by":"publisher","first-page":"509","DOI":"10.1007\/s12095-015-0128-7","volume":"7","author":"C Guo","year":"2015","unstructured":"Guo C., Lin D.: Improved domain extender for the ideal cipher. Cryptogr. Commun. 7(4), 509\u2013533 (2015).","journal-title":"Cryptogr. Commun."},{"key":"820_CR18","doi-asserted-by":"crossref","unstructured":"Halevi S.: Invertible universal hashing and the TET encryption mode. In: Menezes A. (ed.) Advances in Cryptology\u2014CRYPTO 2007. Lecture Notes in Computer Science, vol. 4622, pp. 412\u2013429. Springer, Heidelberg (Aug 2007).","DOI":"10.1007\/978-3-540-74143-5_23"},{"key":"820_CR19","doi-asserted-by":"crossref","unstructured":"Hoang V.T., Rogaway P.: On generalized Feistel networks. In: Rabin T. (ed.) Advances in Cryptology\u2014CRYPTO 2010. Lecture Notes in Computer Science, vol. 6223, pp. 613\u2013630. Springer, Heidelberg (Aug 2010).","DOI":"10.1007\/978-3-642-14623-7_33"},{"key":"820_CR20","unstructured":"ISO\/IEC 18033-3:2010.: Information technology\u2014Security techniques\u2014Encryption algorithms\u2013Part 3: Block ciphers (2016). https:\/\/www.iso.org\/standard\/54531.html."},{"key":"820_CR21","unstructured":"ISO\/IEC 29192-2:2012.: Information technology\u2014Security techniques\u2014Lightweight cryptography\u2014Part 2: Block ciphers (2017). https:\/\/www.iso.org\/standard\/56552.html."},{"key":"820_CR22","doi-asserted-by":"crossref","unstructured":"Isobe T., Shibutani K.: Generic key recovery attack on Feistel scheme. In: Sako K., Sarkar P. (eds.) Advances in Cryptology\u2014ASIACRYPT 2013, Part I. Lecture Notes in Computer Science, vol. 8269, pp. 464\u2013485. Springer, Heidelberg (Dec 2013).","DOI":"10.1007\/978-3-642-42033-7_24"},{"issue":"19\u201321","key":"820_CR23","doi-asserted-by":"publisher","first-page":"827","DOI":"10.1016\/j.ipl.2013.08.001","volume":"113","author":"O Kara","year":"2013","unstructured":"Kara O.: Square reflection cryptanalysis of 5-round feistel networks with permutations. Inf. Process. Lett. 113(19\u201321), 827\u2013831 (2013).","journal-title":"Inf. Process. Lett."},{"key":"820_CR24","unstructured":"Knudsen L.R.: DEAL\u2014A 128-bit Block Cipher (1998). http:\/\/www.ii.uib.no\/~larsr\/aes.html"},{"key":"820_CR25","doi-asserted-by":"crossref","unstructured":"Lampe R., Seurin Y.: Security analysis of key-alternating Feistel ciphers. In: Cid C., Rechberger, C. (eds.) Fast Software Encryption\u2014FSE 2014. Lecture Notes in Computer Science, vol. 8540, pp. 243\u2013264. Springer, Heidelberg (Mar 2015).","DOI":"10.1007\/978-3-662-46706-0_13"},{"key":"820_CR26","doi-asserted-by":"crossref","unstructured":"Landecker W., Shrimpton T., Terashima R.S.: Tweakable blockciphers with beyond birthday-bound security. In: Safavi-Naini R., Canetti R. (eds.) Advances in Cryptology\u2014CRYPTO 2012. Lecture Notes in Computer Science, vol. 7417, pp. 14\u201330. Springer, Heidelberg (Aug 2012).","DOI":"10.1007\/978-3-642-32009-5_2"},{"issue":"7","key":"820_CR27","doi-asserted-by":"publisher","first-page":"1516","DOI":"10.1587\/transfun.E97.A.1516","volume":"97\u2013A","author":"J Lee","year":"2014","unstructured":"Lee J.: Security of the Misty Structure beyond the Birthday Bound. IEICE Trans. 97\u2013A(7), 1516\u20131522 (2014). https:\/\/doi.org\/10.1587\/transfun.E97.A.1516.","journal-title":"IEICE Trans."},{"issue":"2","key":"820_CR28","doi-asserted-by":"publisher","first-page":"373","DOI":"10.1137\/0217022","volume":"17","author":"M Luby","year":"1988","unstructured":"Luby M., Rackoff C.: How to construct pseudorandom permutations from pseudorandom functions. SIAM J. Comput. 17(2), 373\u2013386 (1988).","journal-title":"SIAM J. Comput."},{"key":"820_CR29","doi-asserted-by":"crossref","unstructured":"Maurer U.M., Pietrzak K.: The security of many-round Luby-Rackoff pseudo-random permutations. In: Biham E. (ed.) Advances in Cryptology\u2014EUROCRYPT\u00a02003. Lecture Notes in Computer Science, vol. 2656, pp. 544\u2013561. Springer, Heidelberg (May 2003).","DOI":"10.1007\/3-540-39200-9_34"},{"key":"820_CR30","doi-asserted-by":"crossref","unstructured":"Mennink B., Neves S.: Encrypted Davies-Meyer and its dual: Towards optimal security using mirror theory. In: Katz J., Shacham H. (eds.) Advances in Cryptology\u2014CRYPTO 2017, Part III. Lecture Notes in Computer Science, vol. 10403, pp. 556\u2013583. Springer, Heidelberg (Aug 2017).","DOI":"10.1007\/978-3-319-63697-9_19"},{"key":"820_CR31","doi-asserted-by":"crossref","unstructured":"Minematsu K.: Parallelizable rate-1 authenticated encryption from pseudorandom functions. In: Nguyen P.Q., Oswald E. (eds.) Advances in Cryptology\u2014EUROCRYPT 2014. Lecture Notes in Computer Science, vol. 8441, pp. 275\u2013292. Springer, Heidelberg (May 2014).","DOI":"10.1007\/978-3-642-55220-5_16"},{"key":"820_CR32","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-49530-9","volume-title":"Feistel Ciphers\u2014Security Proofs and Cryptanalysis","author":"V Nachef","year":"2017","unstructured":"Nachef V., Patarin J., Volte E.: Feistel Ciphers\u2014Security Proofs and Cryptanalysis. Springer, Berlin (2017). https:\/\/doi.org\/10.1007\/978-3-319-49530-9."},{"issue":"2","key":"820_CR33","doi-asserted-by":"publisher","first-page":"68","DOI":"10.46586\/tosc.v2020.i2.68-92","volume":"2020","author":"R Nakamichi","year":"2020","unstructured":"Nakamichi R., Iwata T.: Beyond-birthday-bound secure cryptographic permutations from ideal ciphers with long keys. IACR Trans. Symmetric Cryptol. 2020(2), 68\u201392 (2020).","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"820_CR34","unstructured":"Standards N.B.: Data Encryption Standard (DES). Federal Information Processing Standards Publication 46 (1977)"},{"key":"820_CR35","doi-asserted-by":"crossref","unstructured":"Patarin J.: Security of random Feistel schemes with 5 or more rounds. In: Franklin M. (ed.) Advances in Cryptology\u2014CRYPTO 2004. Lecture Notes in Computer Science, vol. 3152, pp. 106\u2013122. Springer, Heidelberg (Aug 2004).","DOI":"10.1007\/978-3-540-28628-8_7"},{"key":"820_CR36","doi-asserted-by":"crossref","unstructured":"Patarin J.: The \u201ccoefficients H\u201d technique (invited talk). In: Avanzi R.M., Keliher L., Sica F. (eds.) SAC 2008: 15th Annual International Workshop on Selected Areas in Cryptography. Lecture Notes in Computer Science, vol. 5381, pp. 328\u2013345. Springer, Heidelberg (Aug 2009).","DOI":"10.1007\/978-3-642-04159-4_21"},{"key":"820_CR37","doi-asserted-by":"crossref","unstructured":"Pietrzak K.: A leakage-resilient mode of operation. In: Joux A. (ed.) Advances in Cryptology\u2014EUROCRYPT 2009. Lecture Notes in Computer Science, vol. 5479, pp. 462\u2013482. Springer, Heidelberg (Apr 2009).","DOI":"10.1007\/978-3-642-01001-9_27"},{"issue":"2","key":"820_CR38","doi-asserted-by":"publisher","first-page":"233","DOI":"10.1007\/s10623-005-3562-2","volume":"39","author":"G Piret","year":"2006","unstructured":"Piret G.: Luby-rackoff revisited: on the use of permutations as inner functions of a feistel scheme. Des. Codes Cryptogr. 39(2), 233\u2013245 (2006).","journal-title":"Des. Codes Cryptogr."},{"issue":"1","key":"820_CR39","doi-asserted-by":"publisher","first-page":"22","DOI":"10.1080\/0161-118491858746","volume":"8","author":"A Sorkin","year":"1984","unstructured":"Sorkin A.: Lucifer, a cryptographic algorithm. Cryptologia 8(1), 22\u201342 (1984).","journal-title":"Cryptologia"}],"container-title":["Designs, Codes and Cryptography"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-020-00820-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10623-020-00820-0\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-020-00820-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,2,24]],"date-time":"2021-02-24T10:06:37Z","timestamp":1614161197000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10623-020-00820-0"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,1,2]]},"references-count":39,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2021,3]]}},"alternative-id":["820"],"URL":"https:\/\/doi.org\/10.1007\/s10623-020-00820-0","relation":{},"ISSN":["0925-1022","1573-7586"],"issn-type":[{"value":"0925-1022","type":"print"},{"value":"1573-7586","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,1,2]]},"assertion":[{"value":"2 March 2020","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"24 October 2020","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"4 November 2020","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"2 January 2021","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}